Topics created by Fredtx

@Fredtx said in Multiple Tombstoned DC's:

@JaredBusch said in Multiple Tombstoned DC's:

Mesh of multiple locations like you have is simply asking for crypto to hit all the things.

Exactly what I've been telling them.

VPNs and AD the same. The mesh "should" not pose any threat because there should be nothing exposed over the mesh. But given the rest of the design, we can safely assume there are security holes everywhere and they are just trying to open more.

These are the flags that hackers look for for finding easy targets.

@obsolesce said in Wsus for remote vpn and on-premise users:

@scottalanmiller said in Wsus for remote vpn and on-premise users:

There is little different between an MSP and internal IT.

They are basically the same thing. In many cases the internal IT is a separate entity that basically bills the company and/or child companies, but is on the payroll of the company.

Yup, the key difference isn't their relationship to the rest of the org, effectively MSP, ITSP, Internal IT, etc. are all external in how they are approached. Only how they are paid really differs and the staff don't always see that.

What makes the two different is that an Internal IT department (even one treated as a consulting group) has only a single top level customer and MSPs have multiple. That's really it.

And that doesn't always make a real difference. If the top level internal IT customer doesn't force all underlying groups to unify under a single IT strategy you get an effective situation of multiple customers, sometimes as you said, even with separate billing.

@obsolesce said in Is this a fake job?:

What kind of role and responsibilities are you seeking? What kind of company / employer? Position?

I'm seeking for an in-house system admin role (windows /vmware/hyper-v/azure environments). A position where I can gain knowledge from senior admins, and where I can gain experience in projects/implementations/planning/etc. I've been working for managed services, and kind of burnt out, and wanting to explore something new/different. Or something like a Projects Engineer position. Something where I can strategically plan/research, and implement.

@fredtx This is really GoDaddy breached. That they were running WordPress is kind of an aside.

@fredtx said in Did I connect these switches according to best practices?:

For instance, I've seen your posts where you said you learned some good concepts while studying for the mcsa MCSE back in the 90's.

That's true. But mostly I learned about the parts that weren't related to them, and mostly from third party sourced like Ed Tittle. Microsoft's own materials weren't bad, but not on par with good educators.

Could try something like this-

4EF30B75-5AB4-4D00-B246-13FAB7E5E070.jpeg

@fredtx
Good to hear 🙂

@Fredtx said in Cisco Access Point Install Help (AIR-AP18321-B-K9):

Appreciate everyone's help. I may be posting more often, because I'm getting exposed to a lot of technology I'm not familiar with. LOL

Awesome

@kmac76 It works well, just haven't tried this.

Some good stuff from everyone! Appreciate it!

@Fredtx said in Help Understanding LAN test Speed Results:

I ran a LAN Test speed using from a client to a server, which are both in the same LAN as it's a small dental office network. The results are showing 67.88Mbps (Writing/Upload) and 405.51Mbps (Reading/download). I don't know what their physical infrastructure is as I work remote, but I'm sure it's 1Gbps Ethernet. If that's the case, does this test result indicate there's an issue, with the huge difference between upload and download, all in the local LAN?

That the test is labeled writing / reading.... then yes, you're expected to be testing a lot more than the network and a big difference would be expected.

@Fredtx said in Website Creation Recommendations:

@black3dynamite said in Website Creation Recommendations:

@gjacobse said in Website Creation Recommendations:

I wouldn't necessarily say ZERO - but listed it as a donation - You mentioned this was for a church, and churches are Non-Profits. You could easily claim it as a donation of services.

I understood it was for her and not the Church.

Yes, it's mainly for her. She's very involved with the Women's ministry in church. However, she is about to complete her counseling degree, and wants her own personal website for blogging, and videos for her ministry, and I'm sure to share with other ladies within the church, and outside the church.

If anything, charge more for advertising to the church. 🙂

LinkedIn Learning
https://www.linkedin.com/learning/search?keywords=rhel

@stacksofplates said in Microsoft plans on retiring the MCSA,MCSD,MCSE certifications in June 30,2020:

This is just like that time when @JaredBusch and I argued with you because you said "we were laughing at people not using APIs in the 90s" meanwhile there are still a ton of companies making client/server architecture including a piece of software you have to support.

Actually, no, it's completely different.

You are conflating the idea of people doing things poorly with that lots of people do do things poorly.

If you stop putting words in my mouth and actually read what I write, you'll see absolute consistency. Your understanding or assumptions jump around wildly because I'm being realistic and evaluating each situation on its own merits, not in spite of it.

In the example you just gave, yes, I'm mocking people for doing things poorly. But that in no way claims that I believe that people don't do things poorly. In fact, I've stated ad nauseum that the majority of the world does things poorly. And I've said many times that we should make people doing things be more accountable.

@scottalanmiller Thanks! I'm doing some job searching right now on my computer, and now I have a completely different mentality on choosing which ones to apply for.

@IRJ said in AVG deleting data:

Setup FIM to see what is causing it 100%

FIM?

@JaredBusch said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@Fredtx said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@scottalanmiller said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@Fredtx said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@scottalanmiller said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@Fredtx said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@scottalanmiller said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:

@Fredtx how did it get determined that it was their agents that did it and not just a coincidence or something?

We received several support calls from the whole Oregon area and that was one of the common denominators for all the computers that were infected with that variant. I for one hand did not work with the customer, but that's what our techs saw and found. Tbh, I'm trying to understand how that could happen when most of the ransomware cases involves a self executable file.

So many different MSPs, but they all shared one tool?

It was only one MSP (PM Consultants) who’s agent spread the infection to their own customers. Their customers called our support desperate for help.

What agent was it? Knowing which program was compromised is a big deal, those agents are hosted by the vendor 99% of the time.

I was told it was Connect Wise.

Old and Unpatched, or weak passwords then.

Likely. Attach probably came through an MSP workstation.

Thanks everyone for y'alls input as I value the knowledge. This all makes perfect sense. I was just chatting with my colleague's about these details and they are making sense of it too.

@Fredtx said in Ethical vs Legal for user mailboxes:

have all emails forwarded to them for a specific user

This is stupid though.

Instead access to the users mailbox can be granted. Gods, who want sot have multiple peoples email all showing up in their inbox..

People are so fucking stupid.

@Dashrender said in Is Spectrum's modem really bridged?:

@scottalanmiller said in Is Spectrum's modem really bridged?:

@Dashrender said in Is Spectrum's modem really bridged?:

@scottalanmiller said in Is Spectrum's modem really bridged?:

Even the Windows RDP client does allow saving creds, it's a commonly used setup.

https://www.nextofwindows.com/how-to-save-password-in-a-remote-desktop-connection-in-windows-8

lol I looked for that, but forgot to click advanced.

Still doesn't solve the problem using using a horrible password (length along is horrible to some) each time you want to log into your box.

Sure, but neither does a VPN. You can control the passwords in either case, or you can let the end user use horrible passwords in either case. The VPN doesn't change the basic issue.

Sure. and now we're just running in circles.

I did start by saying you are correct.

🙂

At the end, VPNs just don't solve those problems. A VPN's benefit is only in having a second mechanism, if it is kept completely decoupled from the original. But it's a poor approach when it is used to cover up a lack of security applied to the core protocol.